Ethical Hacking, Penetration Testing & Computer Security

This tool is exactly what it says, it’s a Multi Threaded TCP Port Scanner with possibility to scan 65535 TCP ports on an IP address. You can specify how many threads to run and the timeout. It will tell you the MAC address of the target and the service running – works on both Linux and Windows.

Version 2.0 adds SYN scanning capabilities and much more:

Added option -s for SYN scan.

Scanning made faster thanks to SYN scan

Added even more default ports

Improved error handler for SYN scan

Improved text output

Fixed minor bugs

A new branch of the program has been created to support SYN scan. SYN scan was necessary because under some circumstances of heavy load, the TCP Connect scan can hang routers. SYN scan is multithreaded and uses the standard library pcap on Unix/Linux operating systems. Please be aware that SYN scan requires a higher level of authorization, if compared to connect sockets: in Unix/Linux pscan requires root privilege. In some operating systems, SYN scan is performed using connectionless “raw” sockets, therefore the usage of pscan is subject to possible restriction to the usage of raw sockets in such operating systems.

With SYN scan, option -w is not used because the program does not use connected sockets, so it doesn’t have to loop reading a socket until the timeout is reached. The receive function doesn’t have to poll over a number of sockets, but simply reads the packets passing through the network card, for all ports, and displays the message of “open port” when the packet coming from the remote IP contains the information that the remote port is open. For the same reason, options -a and -n are not used. The first one because packets sent to closed ports are simply not being replied to, so they cannot be counted; the second one because the function that reads packets is one, and performs this by reading packets from the network card, not from multiple sockets.